use of net.htmlparser.jericho.Source in project zaproxy by zaproxy.
the class SpiderHtmlFormParserUnitTest method shouldParseFormAsGetIfFormHasNoMethodEvenIfPostFormProcessingIsDisabled.
@Test
public void shouldParseFormAsGetIfFormHasNoMethodEvenIfPostFormProcessingIsDisabled() {
// Given
SpiderParam spiderOptions = createSpiderParamWithConfig();
spiderOptions.setProcessForm(true);
spiderOptions.setPostForm(false);
SpiderHtmlFormParser htmlParser = new SpiderHtmlFormParser(spiderOptions, new DefaultValueGenerator());
TestSpiderParserListener listener = createTestSpiderParserListener();
htmlParser.addSpiderParserListener(listener);
HttpMessage messageHtmlResponse = createMessageWith("NoMethodForm.html");
Source source = createSource(messageHtmlResponse);
// When
boolean completelyParsed = htmlParser.parseResource(messageHtmlResponse, source, BASE_DEPTH);
// Then
assertThat(completelyParsed, is(equalTo(false)));
assertThat(listener.getNumberOfUrlsFound(), is(equalTo(1)));
assertThat(listener.getUrlsFound(), contains("http://example.org/?field1=Text+1&field2=Text+2&submit=Submit"));
}
use of net.htmlparser.jericho.Source in project zaproxy by zaproxy.
the class SpiderHtmlFormParserUnitTest method shouldIgnoreBaseHtmlIfEmptyHrefWhenParsingPostForm.
@Test
public void shouldIgnoreBaseHtmlIfEmptyHrefWhenParsingPostForm() {
// Given
SpiderHtmlFormParser htmlParser = createSpiderHtmlFormParser();
TestSpiderParserListener listener = createTestSpiderParserListener();
htmlParser.addSpiderParserListener(listener);
HttpMessage msg = createMessageWith("POST", "FormWithHtmlBase.html", "search", "");
Source source = createSource(msg);
// When
boolean completelyParsed = htmlParser.parseResource(msg, source, BASE_DEPTH);
// Then
assertThat(completelyParsed, is(equalTo(false)));
assertThat(listener.getNumberOfResourcesFound(), is(equalTo(1)));
assertThat(listener.getResourcesFound(), contains(postResource(msg, 1, "http://example.com/search", "q=Search&submit=Submit")));
}
use of net.htmlparser.jericho.Source in project zaproxy by zaproxy.
the class SpiderHtmlFormParserUnitTest method shouldProvidedCorrectFormDataToValueGenerator.
@Test
public void shouldProvidedCorrectFormDataToValueGenerator() {
// Given
TestValueGenerator valueGenerator = new TestValueGenerator();
SpiderHtmlFormParser htmlParser = createSpiderHtmlFormParser(valueGenerator);
TestSpiderParserListener listener = createTestSpiderParserListener();
HttpMessage msg = createMessageWith("FormsForValueGenerator.html");
Source source = createSource(msg);
int fieldIndex = 0;
// When
boolean completelyParsed = htmlParser.parseResource(msg, source, BASE_DEPTH);
// Then
assertThat(valueGenerator.getFields(), hasSize(9));
assertThat(valueGenerator.getFields().get(fieldIndex), is(equalTo(formField("http://example.com/", "http://example.org/post", "field1", "preDefValue1", list(""), attributes(attribute("name", "field1"), attribute("value", "preDefValue1"), attribute("type", "hidden"), attribute("id", "id1"), attribute("Control Type", "HIDDEN")), attributes(attribute("action", "http://example.org/post"), attribute("method", "POST"), attribute("atta", "valueA"))))));
fieldIndex++;
assertThat(valueGenerator.getFields().get(fieldIndex), is(equalTo(formField("http://example.com/", "http://example.org/post", "field2", "preDefValue2", list(""), attributes(attribute("name", "field2"), attribute("value", "preDefValue2"), attribute("id", "id2"), attribute("att1", "value1"), attribute("Control Type", "TEXT")), attributes(attribute("action", "http://example.org/post"), attribute("method", "POST"), attribute("atta", "valueA"))))));
fieldIndex++;
assertThat(valueGenerator.getFields().get(fieldIndex), is(equalTo(formField("http://example.com/", "http://example.org/post", "field3", "preDefValue3", list(""), attributes(attribute("name", "field3"), attribute("value", "preDefValue3"), attribute("type", "text"), attribute("Control Type", "TEXT")), attributes(attribute("action", "http://example.org/post"), attribute("method", "POST"), attribute("atta", "valueA"))))));
fieldIndex++;
assertThat(valueGenerator.getFields().get(fieldIndex), is(equalTo(formField("http://example.com/", "http://example.org/post", "gender", "f", list(("m,f")), attributes(attribute("name", "gender"), attribute("type", "radio"), attribute("value", "m"), attribute("id", "male"), attribute("Control Type", "RADIO")), attributes(attribute("action", "http://example.org/post"), attribute("method", "POST"), attribute("atta", "valueA"))))));
fieldIndex++;
assertThat(valueGenerator.getFields().get(fieldIndex), is(equalTo(formField("http://example.com/", "http://example.org/post", "submit", "Submit", list(""), attributes(attribute("name", "submit"), attribute("type", "submit"), attribute("value", "Submit"), attribute("Control Type", "SUBMIT")), attributes(attribute("action", "http://example.org/post"), attribute("method", "POST"), attribute("atta", "valueA"))))));
fieldIndex++;
assertThat(valueGenerator.getFields().get(fieldIndex), is(equalTo(formField("http://example.com/", "http://example.org/get", "field1", "", list(""), attributes(attribute("name", "field1"), attribute("type", "hidden"), attribute("id", "id1"), attribute("Control Type", "HIDDEN")), attributes(attribute("action", "http://example.org/get"), attribute("method", "GET"), attribute("att1", "value1"), attribute("att2", "value2"))))));
fieldIndex++;
assertThat(valueGenerator.getFields().get(fieldIndex), is(equalTo(formField("http://example.com/", "http://example.org/get", "field2", "", list(""), attributes(attribute("name", "field2"), attribute("id", "id2"), attribute("att1", "value1"), attribute("Control Type", "TEXT")), attributes(attribute("action", "http://example.org/get"), attribute("method", "GET"), attribute("att1", "value1"), attribute("att2", "value2"))))));
fieldIndex++;
assertThat(valueGenerator.getFields().get(fieldIndex), is(equalTo(formField("http://example.com/", "http://example.org/get", "field3", "", list(""), attributes(attribute("name", "field3"), attribute("type", "text"), attribute("Control Type", "TEXT")), attributes(attribute("action", "http://example.org/get"), attribute("method", "GET"), attribute("att1", "value1"), attribute("att2", "value2"))))));
fieldIndex++;
assertThat(valueGenerator.getFields().get(fieldIndex), is(equalTo(formField("http://example.com/", "http://example.org/get", "submit", "Submit", list(""), attributes(attribute("name", "submit"), attribute("type", "submit"), attribute("value", "Submit"), attribute("Control Type", "SUBMIT")), attributes(attribute("action", "http://example.org/get"), attribute("method", "GET"), attribute("att1", "value1"), attribute("att2", "value2"))))));
}
use of net.htmlparser.jericho.Source in project zaproxy by zaproxy.
the class SpiderHtmlFormParserUnitTest method shouldParseSingleGetForm.
@Test
public void shouldParseSingleGetForm() {
// Given
SpiderHtmlFormParser htmlParser = createSpiderHtmlFormParser();
TestSpiderParserListener listener = createTestSpiderParserListener();
htmlParser.addSpiderParserListener(listener);
HttpMessage messageHtmlResponse = createMessageWith("GET", "Form.html");
Source source = createSource(messageHtmlResponse);
// When
boolean completelyParsed = htmlParser.parseResource(messageHtmlResponse, source, BASE_DEPTH);
// Then
assertThat(completelyParsed, is(equalTo(false)));
assertThat(listener.getNumberOfUrlsFound(), is(equalTo(1)));
assertThat(listener.getUrlsFound(), contains("http://example.org/?field1=Text+1&field2=Text+2&submit=Submit"));
}
use of net.htmlparser.jericho.Source in project zaproxy by zaproxy.
the class SpiderHtmlParserUnitTest method shouldUseMessageUriIfNoBaseElement.
@Test
public void shouldUseMessageUriIfNoBaseElement() {
// Given
SpiderHtmlParser htmlParser = new SpiderHtmlParser(new SpiderParam());
TestSpiderParserListener listener = createTestSpiderParserListener();
htmlParser.addSpiderParserListener(listener);
HttpMessage messageHtmlResponse = createMessageWith("NoBaseWithAElementSpiderHtmlParser.html");
Source source = createSource(messageHtmlResponse);
// When
boolean completelyParsed = htmlParser.parseResource(messageHtmlResponse, source, BASE_DEPTH);
// Then
assertThat(completelyParsed, is(equalTo(false)));
assertThat(listener.getNumberOfUrlsFound(), is(equalTo(1)));
assertThat(listener.getUrlsFound(), contains("http://example.com/relative/no/base"));
}
Aggregations